1 Answer
1
As per the doc (https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-mutual-tls.html), private APIs don't support mutual TLS.
In order to do that, you would need something like: Client -> NLB -> Proxy (to handle mTLS) -> interface VPC endpoint for API Gateway -> private API
You can have a look at this blog post: https://aws.amazon.com/pt/blogs/aws-brasil/suportando-mutual-tls-mtls-utilizando-certificados-do-icp-brasil-para-o-open-banking-no-brasil-utilizando-o-amazon-api-gateway/. It's in Portuguese, but you will see the architecture and can probably translate it.
answered 3 years ago
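The proxy hop in the chain described in this answer, sketched as an added example that is not part of the original answer or the linked blog post. It assumes nginx as the proxy and an NLB listener of type TCP, so the client's TLS handshake and certificate reach nginx untouched; every hostname, ID and file path is a placeholder.

```nginx
# Added example: nginx terminates mutual TLS, then forwards to the private API
# through the interface VPC endpoint. All names and paths are placeholders.
events {}

http {
    server {
        listen 443 ssl;
        server_name api.example.com;                  # placeholder public name

        # Server identity presented to clients.
        ssl_certificate     /etc/nginx/tls/server.crt;
        ssl_certificate_key /etc/nginx/tls/server.key;
        ssl_protocols       TLSv1.2 TLSv1.3;

        # Mutual TLS: the client must present a certificate that chains to
        # this CA bundle; requests without a valid one are rejected.
        ssl_client_certificate /etc/nginx/tls/client-ca.pem;
        ssl_verify_client      on;
        ssl_verify_depth       2;

        location / {
            # Set identity headers from the verified certificate. Setting them
            # here replaces any value of the same header sent by the client.
            proxy_set_header X-Client-Cert-Subject     $ssl_client_s_dn;
            proxy_set_header X-Client-Cert-Fingerprint $ssl_client_fingerprint;

            # Connect to the interface VPC endpoint, but address the private
            # API by its execute-api hostname in both Host and SNI.
            proxy_pass https://VPCE_DNS_NAME_PLACEHOLDER;
            proxy_set_header Host API_ID_PLACEHOLDER.execute-api.REGION_PLACEHOLDER.amazonaws.com;
            proxy_ssl_server_name on;
            proxy_ssl_name API_ID_PLACEHOLDER.execute-api.REGION_PLACEHOLDER.amazonaws.com;

            # Verify the upstream certificate (CA bundle path is distro-specific).
            proxy_ssl_verify on;
            proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
        }
    }
}
```

The backend should trust the `X-Client-Cert-*` headers only because the private API is reachable solely through this proxy and the VPC endpoint.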
I'm aware that mutual TLS for private API gateways is not supported, but in my case I'm using a public API gateway with a VPC link. Shouldn't this configuration be supported, as the only difference between the functional and nonfunctional configurations is swapping the Lambda integration for a VPC link integration?